AWS S3 Bucket Not Publicly Readable

Risk

Remediation Effort

High

Low

This policy validates that no S3 buckets are publicly readable. Overly permissive S3 buckets are a major cause of data loss in AWS. Be extremely careful when making buckets publicly available.

Remediation

To remediate this, modify the access policy of the S3 bucket to remove AllUsers and AuthenticatedUsers from any grant that gives read permissions.

Reference

AWS S3 Bucket example policies

PreviousAWS S3 Bucket Name Has No Periods NextAWS S3 Bucket Not Publicly Writeable

Last updated 3 years ago